<?php 
$conn = mysql_connect("127.0.0.1","root","");
mysql_select_db("xingtan");
$name = mysql_real_escape_string($_GET['n']);
$id = mysql_real_escape_string($_GET['id']);
$url = mysql_real_escape_string($_GET['u']);
$title = mysql_real_escape_string($_GET['t']);

$sql = sprintf("UPDATE authors SET name = '%s', title='%s', url='%s' WHERE id = %s", $name, $title, $url, $id);
if ($id && $title && $name && $url) {
  mysql_query($sql);
  print 'update success';
} else {
  print 'parameter error';
}
mysql_close($conn);
?>
